• Swindon & Wiltshire Experts
• Thursday September 11 2025

Will your business become headline news for the wrong reasons?

Big firms are making headlines due to cyber breaches. Here’s how not to join them, says Layla Cockburn of Filestream.

I expect you have heard of some of the big names that have been struck by cyber criminals this year, as they often make headline news.

Last week it was Jaguar Land Rover. It’s being reported that hackers infiltrated their systems forcing them to shut down and halt production. Thousands of workers have been told to stay at home this week, and disruption is expected to last until October: What will that cost the company?

In April Marks and Spencer were thrown into chaos for almost six weeks, after a phishing attack on an outsourced IT contractor which impacted their business and is expected to cost them £300million. This major case highlights the importance of checking if your suppliers are secure.

The Legal Aid agency also had their data compromised the same month, exposing personal, financial and legal data.

These are all high-profile cases, and large organisations, but you don’t have to be big to be a target. Any SME business is at risk.

Most cyber criminals employ the same tactics and tools – such as phishing, social engineering and ransomware – on small businesses.

The Cyber Security Breaches Survey in 2025 found that ‘Just over four in ten businesses (43 per cent) and three in ten charities (30 per cent) reported having experienced any kind of cyber security breach or attack in the last 12 months’ – with phishing attacks (85 per cent) remaining the most prevalent and disruptive.

So what can you do to help protect your business? Firstly, assume it could be you, so think about how to help prevent it happening, and have plans on how to respond if it does.

The National Cyber Security Centre has some very practical and clear guidance for businesses of all sizes, and is well worth a read: https://www.ncsc.gov.uk/collection/small-business-guide

There is some low hanging fruit – training and raising awareness amongst your staff. People or human error still remains the easiest way into an organisation. Make sure all your staff are aware of the risks, particularly around phishing, good password management and new social engineering trends.

From a technical perspective, making sure you install and keep your anti-virus software updated, regularly backing up your data, and keeping your IT equipment up to date. Additionally, a good document management software can ensure that your data is encrypted in the event of a cyber-attack.

If you or your staff work from smartphones and tablets, which is increasingly common with mobile working these days, they need even more protection as they often leave the safety of an office and home.

Password protection, enabling lost devices to be tracked/locked/wiped, keeping apps up to date and not connecting to unknown wifi hotspots are all good protections to put into place.

If you don’t take any action, then your business could easily be the ‘low hanging fruit’ for criminals and the price tag of that could be far too high.

Layla Cockburn is operations director at document management specialist Filestream